#!/bin/bash

#脚本目的：清除不必要的、可登陆的系统用户，减小系统安全风险
#需要手动将脚本加入到定时任务中
#运行该脚本有风险，请谨慎操作并做好备份

bash1='/bin/bash'
bash2='/bin/csh'
bash3='/bin/sh'
bash4='/usr/bin/sh'
bash5='/bin/tcsh'
bash6='/usr/bin/bash'

#查找可以登陆系统的用户
username=`awk -F: -v b1=$bash1 -v b2=$bash2 -v b3=$bash3 -v b4=$bash4 -v b5=$bash5 -v b6=$bash6 '$7 == b1 || $7==b2 || $7==b3 || $7==b4 || $7==b5 || $7==b6 {print $1}' /lianxi/passwd `

for i in $username
do
	#将root及其他必要用户排除
	if [[ $i == 'root' ]] || [[ $i == 'dk' ]]   
	then
		echo "user: $i is an important user."
	else
		userdel -r $i
		if (($?==0))
		then
			echo "del user:$i success."
		else
			echo "del user:$i failed,please check the reason for it"
		fi
	fi
done 
